Create Wordlist with Crunch

In this guide, I try to develop my skills in the age-old art of code cracking ς. Παρόλο που μπορεί να φαίνεται σαν μια απλή και ξεκάθαρη διαδικασία, όσοι από εσάς έχετε επιχειρήσει να σπάσετε κωδικούς πρόσβασης γνωρίζετε ότι υπάρχουν πολλές λεπτές ισορροπίες σε αυτή την .

In many of our password cracking procedures, we need to use a word list that will essentially read thousands of possible passwords per second. This is often referred to as a Dictionary Attack, even though we don't need to rely solely on words in a dictionary. These word lists can have any combination of characters and words in an attempt to crack a complex password offline.

Sometimes we may have clues about the password or password elements the target chooses, which may come from our knowledge of the target, e.g. girlfriend, neighbor, friend, etc. It could be their name, their children's names, a pet's name, their birthday or their job. We may also know an organization's password policy (eg at least 8 characters, upper and lower case letters, etc.).

In these cases, we may be able to create a custom wordlist that reflects our knowledge of the organization's password policy or goal.

Kali Linux has a built-in tool called “crunch” and allows us to create a custom password cracking wordlist that we can use with tools like Hashcat, Cain and Abel, John the Ripper, Aircrack-ng, and more. This custom word list can save us hours or days of password cracking if we can get it right.

list10

 

Let's start with crunch and create some custom word lists to crack passwords with crunch.

Step 1: Start Kali and open Crunch

Let's start by activating Kali and opening crunch by going to Applications -> Kali Linux -> Attacks -> Offline Attacks -> crunch.

list

This will open the crunch screen as shown below.

list1

Unlike many others hacking, crunch doesn't give us much information on its home screen. I believe this is because crunch, although relatively simple to use, has so many sophisticated options that its developer has placed much of its information in man.

Step 2: Writing the Crunch

The basic syntax for crunch looks like this:

kali > crunch -t -o filename>

Now, let's see what is included in the above sentence.

  • min = The minimum length of the password.

  • max = The maximum length of the password.

  • characterset = The character set to use to generate the passwords.

Step 3: The Crunch Manual

Let's go to the man pages for crunch by typing:

kali > Mon crunch

This should open the manual pages for crunch like the one below. The crunch developers have filled these pages with lots of information on how to get the most out of crunch.

list2

At the top we see the Switch -f. This allows us to select the character set we want to use to create the word list. The syntax is as follows:

-f /path/to/charset.lst

Here we tell crunch where the charset.lst file is with the full path and then select a specific character set from that list. In Kali, charset.lst is located at:

/usr/share/rainbowcrack/charset.lst

Step 4: Create some simple ones Wordlists

Let's start by creating some simple password cracking word lists. Let's say we know the company has passwords between 4 and 8 characters. We can create all possible combinations with crunch by typing:

kali > crunch 4 8

list3

Where the first number (4) is the shortest word length and the second (8) is the longest word length.

When we run this command, crunch estimates how big the file will be (1812 GB) and then starts building the list.

What if we knew the target always used numeric passwords between 6 and 8 characters long?

We could generate a complete list of passwords that meet this criteria and send it to a file in root's directory named numericwordlist.lst by typing:

kali>crunch 6 8 1234567890 -o /root/numericwordlist.lst

list4

If we knew that the target's birthday was July 28th and that he probably used that date (people often use their birth dates in their passwords to make them easier to remember) at the end of a ten-character password?

We could generate all ten-character passwords ending with 0728 and send the output file to the root user's directory named birthdaywordlist.lst by typing:

kali > crunch 10 10 -t @@@@@@0728 -o /root/birthdaywordlist.lst

list5

The @ symbol is used to represent a wildcard of all characters, while the “0728” elements represent the constant values.

Step 5: Complicated Wordlists with Crunch

One of the beauties of crunch is the possibility of a specific character set or create your own character set to create the password list. If we know the possible character set that the target uses for its password, we can choose the character set to build the password list. We can find the selection of character sets at:

/usr/share/rainbowcrack/charset.txt

list6

Now, if we know that our target uses an eight-character password with only alphabetic characters, we can generate a list of all possible passwords with the following command:

kali > crunch 8 8 -f /usr/share/rainbowcrack/charset.txt mixalpha -o /root/alphawordlist.lst

list7

This will generate all 8-character passwords using only alphabetic characters (no numbers or special characters) and store them in a file named alphawordlist.lst in the root user's directory.

Epilogue

Decrypting passwords involves many methods. These are the dictionary, the rainbow table, the technique Brute Force and others. If we know the parameters of the password or know something about the target and possible passwords (birthday, pet names, spouse, etc.), crunch can be a very useful tool for creating specific lists that will be used in an attack dictionary.

iGuRu.gr The Best Technology Site in Greecefgns

every publication, directly to your inbox

Join the 2.100 registrants.
Wordlist Generator,Wordlist,Crunch

Written by Anastasis Vasileiadis

Translations are like women. When they are beautiful they are not faithful and when they are faithful they are not beautiful.

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).